Encrypting all traffic from remote site

Unanswered Question
Dec 13th, 2009

We have a branch office which is connected to our HQ through IPSEC VPN all traffic are encrypted. Clients machine are able to access the resources on the HQ the problem is they are not able to connect to the Internet, as a workaround we configure the browser to use our internal proxy and it works fine. Now my question is how can i make the branch office users to access the internet without using our internal proxy. The configuration are as follows:

Branch office:

Encrypted Traffic: Traffic from 172.17.10.x/24(branch office network) to any

NAT 0: All traffic from 172.17.10.x/24(branch office network) to any

HQ:

Encrypted Traffic: All traffic  to 172.17.10.x/24(branch office network)

NAT 0: All traffic to 172.17.10.x/24(branch office network)

Attachment: 
I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
renato.berana Mon, 12/14/2009 - 22:55

VPN is terminated on two ASA 5540. I want the branch office users to access the internet using HQ's connection.

acomiskey Tue, 12/15/2009 - 05:38

global (outside) 1 interface

nat (outside) 1 172.17.10.0 255.255.255.0

same-security-traffic permit intra-interface

Actions

This Discussion